]]>By: pdphttp://www.gnucitizen.org/blog/browser-rootkits/comment-page-1/#comment-58773
pdpTue, 16 Oct 2007 13:26:05 +0000http://www.gnucitizen.org/blog/browser-rootkits#comment-58773can I ping you privately? or you can ping me privately with the information provided on the <a href="http://www.gnucitizen.org/contact" rel="nofollow">contact</a> page. cheers :)can I ping you privately? or you can ping me privately with the information provided on the contact page. cheers :)
]]>By: fazedhttp://www.gnucitizen.org/blog/browser-rootkits/comment-page-1/#comment-58771
fazedTue, 16 Oct 2007 13:19:36 +0000http://www.gnucitizen.org/blog/browser-rootkits#comment-58771Nice write up, I agree that they will become more common place in the future. You could combine it with a browser exploit for your point of access and drop A exe which overwrites the browser.jar file with your own code. sorry if thats a bit off-topic. would you be interested in giving a talk about it on the upcomming darkstar e-conference?
-fazedNice write up, I agree that they will become more common place in the future. You could combine it with a browser exploit for your point of access and drop A exe which overwrites the browser.jar file with your own code. sorry if thats a bit off-topic. would you be interested in giving a talk about it on the upcomming darkstar e-conference?

-fazed

]]>By: pdphttp://www.gnucitizen.org/blog/browser-rootkits/comment-page-1/#comment-58760
pdpTue, 16 Oct 2007 12:41:28 +0000http://www.gnucitizen.org/blog/browser-rootkits#comment-58760Jipe, you are right... the hidden field only works if you install the extension globally but as you suggested it is trivial to overlay the addons windows and as such remove the presence of the extension from the list.Jipe, you are right… the hidden field only works if you install the extension globally but as you suggested it is trivial to overlay the addons windows and as such remove the presence of the extension from the list.
]]>By: Jipehttp://www.gnucitizen.org/blog/browser-rootkits/comment-page-1/#comment-58752
JipeTue, 16 Oct 2007 12:06:29 +0000http://www.gnucitizen.org/blog/browser-rootkits#comment-58752Regarding the hidden capabilities of firefox extensions.
The hidden field of the install manifest only works for extensions installed in a restricted access area (so it does not work for add-ons installed in the profile).
However, as an extension extends the browser it will be trivial to it to remove itself from the extension list (just browse the list and remove the one which match the extension name)...
2cRegarding the hidden capabilities of firefox extensions.

The hidden field of the install manifest only works for extensions installed in a restricted access area (so it does not work for add-ons installed in the profile).

However, as an extension extends the browser it will be trivial to it to remove itself from the extension list (just browse the list and remove the one which match the extension name)…